State of the Internet The Need for a New Network Software-Defined Networking (SDN) Network Data Plane SDN Data Plane Technology: OpenFlow
|
|
- Britton Harris
- 6 years ago
- Views:
Transcription
1
2 State of the Internet The Need for a New Network Software-Defined Networking (SDN) Network Data Plane SDN Data Plane Technology: OpenFlow SDN Tutorial 2
3 SDN Tutorial 3
4 Proposed in the late 1970s Open Systems Interconnection model: It characterizes and standardizes a communication system by dividing it into layers A layer serves the layer above it and is served by the layer below it Two major components: An abstract model of networking A set of protocols SDN Tutorial 4
5 OSI Model Data Unit Layer Function Host Layers Data 7. Application Network process to application 6. Presentation Data presentation, encryption and decryption 5. Session Interhost communication Segment 4. Transport Reliable delivery of packets Media Layers Packet/Datagram 3. Network Addressing, routing and delivery of datagrams Bit/Frame 2. Data Link Reliable direct P2P data connection Bit 1. Physical Direct P2P data connection SDN Tutorial 5
6 SDN Tutorial 6
7 The Internet Hourglass Applications Kazaa VoIP Mail News Video Audio IM U Tube Everything on IP Transport protocols TCP SCTP UDP ICMP Ossification IP Continued Innovations Ethernet Power lines IP on ATM everything Optical Link technologies Satellite Bluetooth SDN Tutorial 7
8 The trends driving the networking industry to reevaluate traditional network architecture: The explosion of mobile devices and content Server virtualization Advent of cloud services Traditional networks are hierarchical: Make sense for client-server computing Ill-suited to the dynamic computing and storage needs SDN Tutorial 8
9 The key computing trends driving for a new network paradigm: Changing traffic patterns: Instead of client-server communication, applications access multiple databases and servers across the entire network The consumerization of IT : Mobile devices are widely used which drive IT to accommodate these personal devices in a finegrained manner SDN Tutorial 9
10 The key computing trends driving for a new network paradigm: The rise of cloud services: Enterprises enthusiastically embraced both public and private cloud services The hunger for Big data : Mega datasets needs massive parallel processing on multiple servers, which need direct connection The constant demand for additional network capacity Maintain any-to-any connectivity SDN Tutorial 10
11 Limitations of current networking: Complexity leads to stasis: To add or move any device, IT must touch multiple switches, routers, firewalls, etc. Server virtualization has greatly altered assumptions about physical location of hosts Network static nature cannot dynamically adapt changing traffic, application, and user demand Inconsistent policies: Today s network makes it difficult for IT to apply consistent set of access, security, QoS, and other policies to increasingly mobile users SDN Tutorial 11
12 Limitations of current networking: Inability to scale: Network becomes very complex with the addition of thousands of network devices that must be configured and managed Dynamic traffic patterns cannot be handled with manual configuration Vendor dependence: Vendors equipment product cycles cannot adapt to the rapid changing network architecture in time Lack of standard, open interfaces limit the ability of network operators to tailor the network 12
13 The Need for a New Network To reinvent the Internet To develop a new network with similar magnitude as today s Internet but with more demanding and complex design goals and specifications Built with the usage of emerging new technologies in the area of computer networking SDN Tutorial 13
14 State of The Internet The Internet is great at what it does, but.. Security is weak Availability/Reliability is an issue Instrumentation is weak Predictability is weak Manageability is an issue Mobility is not well supported Sensing is not well supported Scalability is an issue Our critical infrastructures cannot rely on it! Persistent problems not solvable by incremental improvements to the current Internet New Paradigms may prove more powerful, providing the basis for a superior Future Internet SDN Tutorial 14
15 Global networks are creating extremely important new challenges Science Issues We cannot currently understand or predict the behavior of complex, large-scale networks Innovation Issues Substantial barriers to at-scale experimentation with new architectures, services, and technologies Society Issues Credit: MONET Group at UIUC We increasingly rely on the Internet but are unsure we can trust its security, privacy or resilience SDN Tutorial 15
16 Software Defined Networking SDN Tutorial 16
17 What is SDN? An architectural approach that optimizes and simplifies network operation by: Decoupling the control plane and the data plane Control plane: the system that makes decision about where traffic is sent Data plane: the system that forwards traffic to the selected destination Evolved from the work done by UC Berkeley and Stanford University (Network managing project) SDN Tutorial 17
18 SDN Tutorial 18
19 What is SDN? Achieved by employing a point of logically centralized network control (SDN Controller) It facilitates the communication between applications and network elements It exposes and abstracts network functions and operations via programmable interface Gain vendor-independent control over the entire network from a single logical point SDN Tutorial 19
20 Today: Closed Boxes, Fully Distributed Protocols SDN Tutorial 20
21 SDN was implemented to open it SDN Tutorial 21
22 The Software-defined Network SDN Tutorial 22
23 SDN Tutorial 23
24
25 The part of the router architecture, also called Forwarding plane It handles incoming datagrams through a series of link-level operations Datagram is processed in the data plane by performing lookup in the FIB table programmed by control plane Fast path packet processing due to no further learning process needed SDN Tutorial 25
26 One exception to this process when packets cannot be matched to rules Unknown destination detected Packets are sent to router processor where control plane can process FIB table can be implemented in varies ways: Software Hardware-accelerated software Hardware SDN Tutorial 26
27 > 1K entries Each cell takes three logic states 0, 1, and? (don t care) Fully associative memory: compares input string with all the entries in parallel If multiple matches, report index of the first match Current TCAM technology Fast Match Time: 4-8 ns Size: 1M 1K entries * 1K bytes per entry 2K entries * 512 bytes per entry Input TCAM A B C D C D E F A B C? A B?? k bytes Match 27
28 High-performance routers often have multiple distributed forwarding elements Increases performance with parallel processing Besides the forwarding decision, the data plane may implement some small features (forwarding features) Access Control List (ACL) Quality of Service (QoS) Policy SDN Tutorial 28
29 The data plane have to do some level of datagram header rewrite SDN Tutorial 29
30 Two-stage lookups in multislot/card system: 1 st stage at ingress identifies the outgoing slot/card 2 nd stage at egress performs secondary lookup This can enable an optimization called localization to reduce the egress FIB size SDN Tutorial 30
31 Scalability Issues: The service card are limited to a certain amount of flow state they can support for certain generation of the card The significant lag between the availability of a new family of processors and new service cards that use that innovation The control card memories have processing limitations based on the generation of the CPU complex Cost SDN Tutorial 31
32 SDN Tutorial 32
33 SDN Tutorial 33
34 A communications protocol that allows the path of network packets through the switches to be determined by software running on multiple routers It was originally developed by Stanford University as part of network research Creation of experimental protocols Ultimate goal: Replace the functionality of layer 2 and layer 3 protocols completely in commercial switches and routers SDN Tutorial 34
35 The key components of the OpenFlow: Separation of the control and data planes Using a standardized protocol between controller and an agent for instantiating state Providing network programmability from a centralized view via API It is a set of protocols and an API The controller does nothing without an application program SDN Tutorial 35
36 Link Aggregation Control Protocol Rapid Spanning Tree Protocol Open Shortest Path First SDN Tutorial 36
37 Switch Components: Main components of an OpenFlow switch: Consists of one or more flow tables and a group table, used to perform packet lookup and forwarding An OpenFlow channel to an external controller Controller manages the switch via the OpenFlow protocol SDN Tutorial 37
38 Switch Components: The controller can add, update, and delete flow entries in flow tables Each flow table contains a set of flow entries; each flow entry consists of: Match fields, counters, and set of instructions Matching starts at the first flow table and may continue to additional flow tables Flow entries match packets in priority order, with the first matching entry being used SDN Tutorial 38
39 SDN Tutorial 39
40 Packet Flow Flowchart SDN Tutorial 40
41 Switch Components: If a matching entry found, the instructions associate with the specific flow entry are executed If no match found, the outcome depends on configuration of the table-miss flow entry: The packet may be forwarded to the controller, dropped, or may continue to next flow table Instruction associated with each flow entry either contain actions or modify pipeline processing SDN Tutorial 41
42 Switch Components: Actions included in instructions describe packet forwarding, packet modification and group table processing Pipeline processing instructions allow packets to be sent to subsequent tables for further processing Pipeline processing stops when the instruction set associated with a matching flow entry doesn t specify a next table At this point the packet is usually modified and forwarded SDN Tutorial 42
43 Switch Components: Flow entries may forward to a port, usually a physical port, but it could also be a logical port defined by the switch or a reserved port defined by the specification Actions associated with flow entries may also direct packets to a group, which specifies additional processing Groups represent sets of actions for flooding and more complex forwarding semantics (multipath, fast reroute, and link aggregation) SDN Tutorial 43
44 Switch Components: Groups also enable multiple flow entries to forward to a single identifier Group table contains group entries: Each group entry contains a list of action buckets with specific semantics dependent on group type SDN Tutorial 44
45 Example of Nested Flows From Foundations of Modern Networking: SDN, NFV, QoE, IoT, and Cloud by William Stallings ( ) Copyright 2016 Pearson Education, Inc. All rights reserved.
46 Group Types From Foundations of Modern Networking: SDN, NFV, QoE, IoT, and Cloud by William Stallings ( ) Copyright 2016 Pearson Education, Inc. All rights reserved.
47 Goal: Evangelize OpenFlow to vendors Free membership for all researchers Whitepaper, OpenFlow Switch Specification, Reference Designs Licensing: Free for research and commercial use SDN Tutorial 47
48 SDN Tutorial 48
49 A network emulator emulates a collection of end-hosts, switches, routers, and links on a single Linux kernel Uses lightweight virtualization to make a single system look like a complete network Commonly used as an emulation, verification, testing tool, and resource SDN Tutorial 49
50 Represents a shell of a machine that arbitrary programs can be plugged into and run The measured performance of a Mininet-hosted network often should approach that of actual (non-emulated) switches, routers, and hosts Allows full topologies and packet forwarding customization SDN Tutorial 50
51 Internally, Mininet employs lightweight virtualization features in the Linux kernel, including process groups, CPU bandwidth isolation, and network namespaces, and combines them with link schedulers and virtual Ethernet links. Isolated Hosts. An emulated host in Mininet is a group of user-level processes moved into a network namespace Linux network namespaces Emulated Links. The data rate of each link is enforced by Linux Traffic Control (tc), which has a number of packet schedulers to shape traffic to a configured rate Linux tc feature Emulated Switches. Mininet typically uses the default Linux bridge or Open vswitch running in kernel mode to switch packets across interfaces Linux Open vswitch (OVS) SDN Tutorial 51
52 SDN Tutorial 52
53 The easiest way is to download prepackaged Mininet/Ubuntu VM Included Mininet, all OpenFlow binaries and tools, and tweaked kernel Download and install a virtualization system Recommend VirtualBox ads SDN Tutorial 53
54 Import VM: Add the VM and start it up, in the virtualization program you choose VirtualBox: Import the OVF file, select settings, and add an additional host-only network adapter VMware: Import the OVF file, then start the VM Qemu/KVM: Convert the VMDK to QCOW2 format first qemu-img convert O qcow2 filename.vmdk filename.qcow2 SDN Tutorial 54
55 VirtualBox: Import SDN Tutorial 55
56 VirtualBox: Open downloaded VOF file: SDN Tutorial 56
57 VirtualBox: Click next after you chose the location SDN Tutorial 57
58 VirtualBox: Review the VM configuration and Import SDN Tutorial 58
59 VirtualBox: Make sure your VM has two network interfaces: NAT interface: It can use to access the Internet It should be eth0 and have a 10.X IP address Host-only interface: Used to communicate with host machine It should be eth1 with X IP address Both interfaces should be configured using DHCP, if not, run: $ sudo dhclient ethx Replacing ethx with the name of downed interface SDN Tutorial 59
60 VirtualBox: Select the imported VM and click Settings SDN Tutorial 60
61 VirtualBox: In the network, add an additional host-only network adapter and click Ok SDN Tutorial 61
62 VirtualBox: Log in to VM, use following username and password: mininet-vm login: mininet Password: mininet Command syntax: $: precedes Linux commands that should be typed at the shell prompt mininet>: precedes Mininet commands that should be typed at Mininet s CLI #: precedes Linux commands that re typed at a root shell prompt SDN Tutorial 62
63 Mac OS and Linux: Open a terminal. Run following in terminal: $ ssh X [user]@[guest IP Here] Replace [user] with the correct username Replace [Guest IP] with the IP you just noded Enter the password for your VM image Try to start up the X terminal using $ xterm SDN Tutorial 63
64 Windows: In order to use X11 applications such as xterm and wireshark, the Xming server must be running Download and install Xming Start Xming by double-clicking its icon Make an ssh connection with X11 forwarding enabled SDN Tutorial 64
65 Windows: To enable X11 forwarding from PuTTY GUI, click PuTTY -> Connection -> SSH -> X11, then click on Forwarding Enable X11 Forwarding SDN Tutorial 65
66 Windows - Alternative: Run X11 in the VM console window: First, log in to the VM in its console window and make sure apt is up to date sudo apt-get update Then install the desktop environment of your choice: sudo apt-get install xinit <environment> <environment> is you GUI of choice lxde: a reasonable compact and fast desktop GUI flwm: a smaller but more primitive desktop GUI ubuntu-desktop: the full, heavyweight ubuntu GUI Then you can start X11 in the VM: startx SDN Tutorial 66
67 Development Environment: OpenFlow Controller: Sits above the OpenFlow interface Executed during the simulation and observe messages being sent OpenFlow Switch: Sits below the OpenFlow interface A user-space software switch dpctl: Command-line utility that sends quick OpenFlow messages Useful for viewing switch port stats SDN Tutorial 67
68 Development Environment: Wireshark: General graphical utility for viewing packets Dissector parses OpenFlow messages sent to OpenFlow default port in a readable way iperf: General command-line utility for testing the speed of a single TCP connection cbench: Utility for testing the flow setup rate of OpenFlow controllers SDN Tutorial 68
69 SDN Tutorial 69
70 Create the network in VM, enter (SSH): & sudo mn topo single,3 --mac -- switch ovsk --controller remote This tells Mininet to start up 3-host, single switch topology, set the MAC address: Created 3 virtual hosts, each with a separate IP address Created a single OpenFlow software switch in the kernel with 3 ports Connected each virtual host to the switch with a virtual Ethernet cable Set the MAC address of each host equal to its IP Configure the switch to connect to a controller SDN Tutorial 70
71 Mininet-specific basic commands: Lists available nodes, run: mininet> nodes Lists all available commands, run: mininet> help Runs a single command on a node, ex: check the IP of a virtual host: mininet> h1 ifconfig Running interactive commands and watching debug output: mininet> xterm h1 h2 SDN Tutorial 71
72 dpctl example usage (SSH terminal): It enables visibility and control over a single switch s flow table, useful for debugging by viewing flow state and flow counters To dump out port state and capabilities: $ dpctl show tcp: :6634 More useful command: $ dpctl dump-flows tcp: :6634 SDN Tutorial 72
73 Ping test: Let s go back to the mininet console and try to ping h2 from h1: mininet> h1 ping c3 h2 The ping should fail due to the switch flow table is empty, and there is no controller connected to the switch Manually install the necessary flows by using dpctl: $ dpctl add-flow tcp: :6634 in_port=1, actions=output:2 $ dpctl add-flow tcp: :6634 in_port=2, actions=output:1 SDN Tutorial 73
74 SDN Tutorial 74
75 Ping test: Run the ping command again and you should get the replies If you didn t see any ping replies, it might be the case that the flow-entries expired before you start your ping test, the default idle_timeout is 60 seconds We can manually modify the idle_timeout by running: $ dpctl add-flow tcp: :6634 in_port=1,idle_timeout=120,actions=out put:2 SDN Tutorial 75
76 Running Wireshark: The VM image includes the OpenFlow Wireshark dissector pre-installed To open Wireshark: $ sudo wireshark & Set up a filter for OpenFlow control traffic by typing of in Filter box near the top Press the apply button to apply the filter to all recorded traffic SDN Tutorial 76
77 Start controller and view messages With the Wireshark dissector listening, start the OpenFlow controller (SSH terminal): $ controller ptcp: This starts a simple controller that acts as a learning switch without installing any flowentries You should see number of messages displayed in Wireshark, from the Hello exchange messages and so on SDN Tutorial 77
78 Start controller and view messages Hello Hello Message Type Description Features Request Set Config Features Reply Controller->Switch Switch->Controller Controller->Switch Controller->Switch Switch->Controller Like TCP handshake, the controller sends its version number to the switch The switch replies with its supported version number The controller asks to see which ports are available Controller asks the switch to send flow expirations Switch replies with a list of ports, port speed, and supported tables and actions SDN Tutorial 78
79 Benchmark controller w/iperf: iperf is a command-line tool for checking speeds between two computers In the mininet console, run: mininet> iperf This command runs an iperf TCP server on one virtual host, then runs an iperf client on a second virtual host, once connected, they transfer packets with each other and report the results SDN Tutorial 79
ADVANCED COMPUTER NETWORKS Assignment 9: Introduction to OpenFlow
Spring Term 2014 ADVANCED COMPUTER NETWORKS Assignment 9: Introduction to OpenFlow Assigned on: 8 May 2014 Due by: 21 May 2014, 23:59 1 Introduction The goal of this assignment is to give an introduction
More informationOutline. SDN Overview Mininet and Ryu Overview Mininet VM Setup Ryu Setup OpenFlow Protocol and Open vswitch Reference
1 Mininet and Ryu 2 Outline SDN Overview Mininet and Ryu Overview Mininet VM Setup Ryu Setup OpenFlow Protocol and Open vswitch Reference 3 SDN Overview Decoupling of control and data planes Directly Programmable
More informationA short walk-through of Mininet and POX
A short walk-through of Mininet and POX This tutorial has three parts. The first part covers the basics of the Mininet network emulation environment under which your programming assignment will be carried
More informationADVANCED COMPUTER NETWORKS Assignment 9: Introduction to OpenFlow
Spring Term 2015 ADVANCED COMPUTER NETWORKS Assignment 9: Introduction to OpenFlow Assigned on: 7 May 2015 Due by: 20 May 2015, 23:59 1 Introduction The goal of this assignment is to give an introduction
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:
Managing and Securing Computer Networks Guy Leduc Chapter 2: Software-Defined Networks (SDN) Mainly based on: Computer Networks and Internets, 6 th Edition Douglas E. Comer Pearson Education, 2015 (Chapter
More informationMininet/Openflow. Objectives. Network Topology. You will need a Number
Mininet/Openflow Objectives In this lab, you will start by learning the basics of running Mininet in a virtual machine. Mininet facilitates creating and manipulating Software Defined Networking components.
More informationSoftware-Defined Networking (SDN) Overview
Reti di Telecomunicazione a.y. 2015-2016 Software-Defined Networking (SDN) Overview Ing. Luca Davoli Ph.D. Student Network Security (NetSec) Laboratory davoli@ce.unipr.it Luca Davoli davoli@ce.unipr.it
More informationProject 4: SDNs Due: 11:59 PM, Dec 12, 2018
CS168 Computer Networks Fonseca Project 4: SDNs Due: 11:59 PM, Dec 12, 2018 Contents 1 Introduction 2 2 Overview 2 2.1 Architecture......................................... 3 3 Shortest-path Switching
More informationCommunication System Design Projects. Communication System Design:
Communication System Design Projects KUNGLIGA TEKNISKA HÖGSKOLAN PROFESSOR: DEJAN KOSTIC TEACHING ASSISTANT: GEORGIOS KATSIKAS Communication System Design: https://www.kth.se/social/course/ik2200/ Traditional
More informationOS10 Virtualization Guide. Enterprise Edition
OS10 Virtualization Guide Enterprise Edition 2018-7 Rev. A00 Contents 1 OS10 software virtualization...4 2 Setup GNS3 server...7 3 Setup GNS3 client... 11 4 Start GNS3 client...16 5 Import OS10 appliance...20
More informationCommunication System Design Projects
Communication System Design Projects KUNGLIGA TEKNISKA HÖGSKOLAN PROFESSOR: DEJAN KOSTIC TEACHING ASSISTANT: GEORGIOS KATSIKAS Traditional Vs. Modern Network Management What is Network Management (NM)?
More informationCisco Virtual Networking Solution for OpenStack
Data Sheet Cisco Virtual Networking Solution for OpenStack Product Overview Extend enterprise-class networking features to OpenStack cloud environments. A reliable virtual network infrastructure that provides
More informationCS 4226: Internet Architecture
Software Defined Networking Richard T. B. Ma School of Computing National University of Singapore Material from: Scott Shenker (UC Berkeley), Nick McKeown (Stanford), Jennifer Rexford (Princeton) CS 4226:
More informationlecture 18: network virtualization platform (NVP) 5590: software defined networking anduo wang, Temple University TTLMAN 401B, R 17:30-20:00
lecture 18: network virtualization platform (NVP) 5590: software defined networking anduo wang, Temple University TTLMAN 401B, R 17:30-20:00 Network Virtualization in multi-tenant Datacenters Teemu Koponen.,
More informationIntro to OpenFlow Tutorial
GENIExperimenter/Tutorials/OpenFlowOVS-Floodlight GENI: geni Intro to OpenFlow Tutorial Overview: This is a simple OpenFlow tutorial that will guide you how to use the Floodlight Controller in conjunction
More informationReliable SDN Network Architecture
Reliable SDN Network Architecture Parvathy S Parthan, Dr. N.Guruprasad Department of Computer Science and Engineering, New Horizon College of Engineering Bengaluru, Karnataka, India-560103 ABSTRACT: Software
More informationLab 3: Simple Firewall using OpenFlow
Lab 3: Simple Firewall using OpenFlow This lab builds on the knowledge acquired through Lab 1 where you were first introduced to the Mininet environment. It will also help you prepare for the class project.
More informationImplementation of Layer 2 Rules using Software Defined Networking
Implementation of Layer 2 Rules using Software Defined Networking G Anagha 1, Deepthi G S 1, Archithaa S Rao 1, Pooja K 1, B Sudha 2, Sunita Katre 3 UG Student 1, Assistant Professor 2, Research and Development
More informationCisco Nexus Data Broker for Network Traffic Monitoring and Visibility
Guide Cisco Nexus Data Broker for Network Traffic Monitoring and Visibility Solution Implementation Guide 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
More informationHY436: Network Virtualization
HY436: Network Virtualization 20/10/2014 Xenofontas Dimitropoulos Credits: Bing Wang, Rob Sherwood, Ben Pfaff, Nick Feamster Agenda Network virtualization basics Early Forms of Vnets Overlay networks VPNs
More informationMininet Tutorial. Leonardo Richter Bays Gustavo Mio7o Marcelo Caggiani Luizelli Luciano Paschoal Gaspary
Mininet Tutorial Leonardo Richter Bays Gustavo Mio7o Marcelo Caggiani Luizelli Luciano Paschoal Gaspary Outline Introduc?on Installing Mininet SeAng Up First Steps in Mininet Ini?aliza?on Main commands
More informationInternet Technology. 15. Things we didn t get to talk about. Paul Krzyzanowski. Rutgers University. Spring Paul Krzyzanowski
Internet Technology 15. Things we didn t get to talk about Paul Krzyzanowski Rutgers University Spring 2016 May 6, 2016 352 2013-2016 Paul Krzyzanowski 1 Load Balancers Load Balancer External network NAT
More informationConfiguration and Management of Networks
Final Laboratory Configuration and Management of Networks The final Lab consists in configuring a series of case study routing topologies to configure without instructions. Each scenario has a small description
More informationCSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationConfiguration and Management of Networks 2014 / 2015
! Departamento de Engenharia Electrotécnica Configuration and Management of Networks 2014 / 2015 Mestrado Integrado em Engenharia Electrotécnica e de Computadores 4º ano 8º semestre Final Lab part II:
More informationLab Zero: A First Experiment Using GENI and Jacks Tool
Lab Zero: A First Experiment Using GENI and Jacks Tool These instructions are at: http://tinyurl.com/geni labzero Overview This is a first, simple experiment on GENI useful for familiarizing new experimenters
More informationEnabling Efficient and Scalable Zero-Trust Security
WHITE PAPER Enabling Efficient and Scalable Zero-Trust Security FOR CLOUD DATA CENTERS WITH AGILIO SMARTNICS THE NEED FOR ZERO-TRUST SECURITY The rapid evolution of cloud-based data centers to support
More informationFirewalls. IT443 Network Security Administration Slides courtesy of Bo Sheng
Firewalls IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Internet Security Mechanisms Prevent: Firewall, IPsec, SSL Detect: Intrusion Detection Survive/ Response: Recovery, Forensics
More informationChapter 8. Network Troubleshooting. Part II
Chapter 8 Network Troubleshooting Part II CCNA4-1 Chapter 8-2 Network Troubleshooting Review of WAN Communications CCNA4-2 Chapter 8-2 WAN Communications Function at the lower three layers of the OSI model.
More informationANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS.
ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS. Ionka Gancheva, PhD student 45 Abstract: The article contains an analysis of virtual networks and technologies that are used at data centers nowadays. Many
More informationImplementation of Virtualization in Software Defined Networking (SDN) for Data Center Networks
Implementation of Virtualization in Software Defined Networking (SDN) for Data Center Networks Nader F. Mir, Jayashree N. Kotte, and Gokul A. Pokuri nader.mir@sjsu.edu Department of Electrical Engineering
More informationOpenFlow Configuration Lab
APNIC SDN Workshop Lab OpenFlow Configuration Lab Objective: As part of this hands-on module, you will be installing the Mininet network emulator on your PC. You will then configure a standalone OpenFlow
More informationMultiprotocol Label Switching (MPLS) on Cisco Routers
Multiprotocol Label Switching (MPLS) on Cisco Routers This document describes commands for configuring and monitoring Multiprotocol Label Switching (MPLS) functionality on Cisco routers and switches. This
More informationLab 2: Creating Secure Architectures
Lab 2: Creating Secure Architectures A Challenge Our challenge is to setup MyBank Incorp, where each of you will be allocated a network and hosts to configure and get on-line (Figure 1). For this you will
More informationDesign and development of the reactive BGP peering in softwaredefined routing exchanges
Design and development of the reactive BGP peering in softwaredefined routing exchanges LECTURER: HAO-PING LIU ADVISOR: CHU-SING YANG (Email: alen6516@gmail.com) 1 Introduction Traditional network devices
More informationTable of Contents HOL-PRT-1305
Table of Contents Lab Overview... 2 - Abstract... 3 Overview of Cisco Nexus 1000V series Enhanced-VXLAN... 5 vcloud Director Networking and Cisco Nexus 1000V... 7 Solution Architecture... 9 Verify Cisco
More informationAutomatic bootstrapping of OpenFlow networks
Automatic bootstrapping of OpenFlow networks Sachin Sharma, Dimitri Staessens, Didier Colle, Mario Pickavet and Piet Demeester Department of Information Technology (INTEC), Ghent University - iminds E-mail:
More informationMultiprotocol Label Switching (MPLS) on Cisco Routers
Multiprotocol Label Switching (MPLS) on Cisco Routers Feature History Release 11.1CT 12.1(3)T 12.1(5)T 12.0(14)ST 12.0(21)ST 12.0(22)S Modification The document introduced MPLS and was titled Tag Switching
More informationLab Zero: A First Experiment Using GENI and Jacks Tool
GENIExperimenter/Tutorials/jacks/GettingStarted_PartI/Procedure GENI: geni 2/27/16, 14:35 Lab Zero: A First Experiment Using GENI and Jacks Tool These instructions are at: http://tinyurl.com/geni-labzero
More informationHP SDN Document Portfolio Introduction
HP SDN Document Portfolio Introduction Technical Solution Guide Version: 1 September 2013 Table of Contents HP SDN Document Portfolio Overview... 2 Introduction... 2 Terms and Concepts... 2 Resources,
More informationStrengthening Network Security: An SDN (Software Defined Networking) Approach
Strengthening Network Security: An SDN (Software Defined Networking) Approach Pradeep Kumar Sharma 1, Dr. S. S. Tyagi 2 1 Ph.D Research Scholar, Computer Science & Engineering, MRIU, Faridabad, Haryana,
More informationNetworking interview questions
Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected
More informationTHE INTERNET PROTOCOL INTERFACES
THE INTERNET PROTOCOL The Internet Protocol Stefan D. Bruda Winter 2018 A (connectionless) network protocol Designed for use in interconnected systems of packet-switched computer communication networks
More informationThe Internet Protocol
The Internet Protocol Stefan D. Bruda Winter 2018 THE INTERNET PROTOCOL A (connectionless) network layer protocol Designed for use in interconnected systems of packet-switched computer communication networks
More informationModule 2 OpenFlow Configuration Lab
APNIC SDN Workshop Lab Module 2 OpenFlow Configuration Lab Objective: As part of this hands-on module, you will be installing the Mininet network emulator on your PC. You will then configure a standalone
More informationRouter Router Microprocessor controlled traffic direction home router DSL modem Computer Enterprise routers Core routers
Router Router is a Microprocessor controlled device that forwards data packets across the computer network. It is used to connect two or more data lines from different net works. The function of the router
More informationOpen SDN Controller Applications
The following topics describe the five applications that Open SDN Controller provides to facilitate the day-to-day administration of your network: BGPLS Manager, page 1 Inventory Manager, page 3 Model
More informationOpenFlow Performance Testing
White Paper OpenFlow Performance Testing Summary While OpenFlow is a standard and the ONF has strict requirements for a switch to be considered conformant with the specification conformance testing says
More informationOPENFLOW & SOFTWARE DEFINED NETWORKING. Greg Ferro EtherealMind.com and PacketPushers.net
OPENFLOW & SOFTWARE DEFINED NETWORKING Greg Ferro EtherealMind.com and PacketPushers.net 1 HUH? OPENFLOW. What is OpenFlow? From the bottom up. With big words. How OpenFlow does stuff. Then WHY we want
More informationVPN-against-Firewall Lab: Bypassing Firewalls using VPN
SEED Labs 1 VPN-against-Firewall Lab: Bypassing Firewalls using VPN Copyright c 2016 Wenliang Du, Syracuse University. The development of this document was partially funded by the National Science Foundation
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Network Layer ICMP (5.6), Network Management(5.7) & SDN (5.1, 5.5, 4.4) Prof. Lina Battestilli Fall 2017 Outline 5.6 ICMP: The Internet Control Message
More informationWeb-Based User Interface for the Floodlight SDN Controller
3175 Web-Based User Interface for the Floodlight SDN Controller Hakan Akcay Department of Computer Engineering, Istanbul University, Istanbul Email: hknakcay@gmail.com Derya Yiltas-Kaplan Department of
More informationChapter 2: Configure a Network Operating System. Every computer requires an operating system to function, including computerbased
2.0.1.1 Chapter 2: Configure a Network Operating System Every computer requires an operating system to function, including computerbased network devices such as switches, routers, access points, and firewalls.
More informationA POX Controller Module to Collect Web Traffic Statistics in SDN Environment
A POX Controller Module to Collect Web Traffic Statistics in SDN Environment Wisam H. Muragaa, Kamaruzzaman Seman, Mohd Fadzli Marhusin Abstract Software Defined Networking (SDN) is a new norm of networks.
More informationBROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK
BROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK Ken Cheng VP, Service Provider and Application Delivery Products September 12, 2012 Brocade Cloud-Optimized Networking
More informationHow to Work with Fast-Failover OpenFlow Groups
How to Work with Fast-Failover OpenFlow Groups Background Redundant links are frequently used in network topology design in order to reduce the risk of end-to-end connectivity failure due to a single link
More informationMultiprotocol Label Switching (MPLS) on Cisco Routers
Multiprotocol Label Switching (MPLS) on Cisco Routers This document describes commands for configuring and monitoring Multiprotocol Label Switching (MPLS) functionality on Cisco routers and switches. This
More informationThe OSI Model. Open Systems Interconnection (OSI). Developed by the International Organization for Standardization (ISO).
Network Models The OSI Model Open Systems Interconnection (OSI). Developed by the International Organization for Standardization (ISO). Model for understanding and developing computer-to-computer communication
More informationNetwork Security Laboratory 23 rd May STATEFUL FIREWALL LAB
Network Security Laboratory 23 rd May 2016. STATEFUL FIREWALL LAB 1 CONTENTS INTRODUCTION I. What is Stateful Firewall II. Difference between Stateful and Stateless III. Example of Stateful firewall IV.
More informationNetwork softwarization Lab session 2: OS Virtualization Networking
Network softwarization Lab session 2: OS Virtualization Networking Nicolas Herbaut David Bourasseau Daniel Negru December 16, 2015 1 Introduction 1.1 Discovering docker 1.1.1 Installation Please launch
More informationSoftware-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017
Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017 Traditional Ethernet Challenges Plug-and-play Allow all ROOT D D D D Nondeterministic Reactive failover Difficult
More informationDelay Controlled Elephant Flow Rerouting in Software Defined Network
1st International Conference on Advanced Information Technologies (ICAIT), Nov. 1-2, 2017, Yangon, Myanmar Delay Controlled Elephant Flow Rerouting in Software Defined Network Hnin Thiri Zaw, Aung Htein
More informationSoftware Defined Networking Data centre perspective: Open Flow
Software Defined Networking Data centre perspective: Open Flow Seminar: Prof. Timothy Roscoe & Dr. Desislava Dimitrova D. Dimitrova, T. Roscoe 04.03.2016 1 OpenFlow Specification, protocol, architecture
More informationNew trends in IT. Network Functions Virtualization (NFV) & Software Defined-WAN
New trends in IT Network Functions Virtualization (NFV) & Software Defined-WAN 2017 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks
More informationSofware Defined Networking Architecture and Openflow Network Topologies
Sofware Defined Networking Architecture and Openflow Network Topologies Fahad Kameez, M.Tech.(VLSI and ES) Department of Electronics and Communication Rashtreeya Vidyalaya College of Engineering Bengaluru,
More informationIntro to OpenFlow Tutorial
5/24/2015 GENIExperimenter/Tutorials/OpenFlowOVS GENI: geni Intro to OpenFlow Tutorial Overview: This is a simple OpenFlow tutorial that will guide you through the writing of simple OpenFlow controllers
More informationAccess Switch VLAN Y Y.1 /24
Topology: Fa 0/1 VNC Server Fa 0/0 Port B Access Router Trunk VLAN X Access Switch VLAN Y Backbone Router 141.85.Y.1 /24 28.0.0.42 OSPF X.0.0.0/8 Port A 27.45.67.89 Work Station DHCP Server The Goal: Connect
More informationPVS Deployment in the Cloud. Last Updated: June 17, 2016
PVS Deployment in the Cloud Last Updated: June 17, 2016 Contents Amazon Web Services Introduction 3 Software Requirements 4 Set up a NAT Gateway 5 Install PVS on the NAT Gateway 11 Example Deployment 12
More informationBuild Cloud like Rackspace with OpenStack Ansible
Build Cloud like Rackspace with OpenStack Ansible https://etherpad.openstack.org/p/osa-workshop-01 Jirayut Nimsaeng DevOps & Cloud Architect 2nd Cloud OpenStack-Container Conference and Workshop 2016 Grand
More informationChapter 5 Network Layer: The Control Plane
Chapter 5 Network Layer: The Control Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you
More informationPerformance Assurance Solution Components
Solution brief Performance Assurance Solution Components Network Performance Platforms, Elements, Modules & Agents Accedian is the Performance Assurance Solution specialist, with a complete range of components
More information24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP)
BGS-20DSFP4C Managed Fiber Switch 24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP) Key Features L2+ features provide better manageability, security, QOS, and performance IEEE 802.3az
More informationTHE INTERNET PROTOCOL/1
THE INTERNET PROTOCOL a (connectionless) network layer protocol designed for use in interconnected systems of packet-switched computer communication networks (store-and-forward paradigm) provides for transmitting
More information1. Which OSI layers offers reliable, connection-oriented data communication services?
CCNA 1 Practice Final Exam Answers v4.0 100% 1. Which OSI layers offers reliable, connection-oriented data communication services? application presentation session transport network 2. Refer to the exhibit.
More informationOnce the VM is started, the VirtualBox OS Manager window can be closed. But our Ubuntu VM is still running.
How to use iptables on Ubuntu Revised: 16-August-2016 by David Walling This "How To" document describes using the iptables program to define firewall rules for our Ubuntu server. We will also explore using
More informationASIT-33018PFM. 18-Port Full Gigabit Managed PoE Switch (ASIT-33018PFM) 18-Port Full Gigabit Managed PoE Switch.
() Introduction Description 16 * 10/100/1000M PoE ports + 2 * Gigabit SFP optical ports. L2+ function with better performance of management, safety & QoS etc. Supprt Layer 2 switching function, including
More informationCOMP211 Chapter 4 Network Layer: The Data Plane
COMP211 Chapter 4 Network Layer: The Data Plane All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 7 th edition Jim Kurose, Keith Ross
More informationGS-2610G L2+ Managed GbE Switch
GS-2610G L2+ Managed GbE Switch Overview GS-2610G L2+ Managed Switch is a next-generation Ethernet Switch offering full suite of L2 features, including advanced L3 features such as Static Route that delivers
More informationMininet & OpenFlow 24/11/2016
Mininet & OpenFlow 24/11/2016 Firt steps: configure VM PREREQUISITE: download and install the mininet VM from http://mininet.org/download/ THEN: Change network settings by enabling «bridge» Start the mininet
More informationSoftware Defined Networks
Software Defined Networks A quick overview Based primarily on the presentations of Prof. Scott Shenker of UC Berkeley The Future of Networking, and the Past of Protocols Please watch the YouTube video
More informationAssignment 5: Software Defined Networking CS640 Spring 2015
Assignment 5: Software Defined Networking CS640 Spring 2015 Due: Thursday, May 7 at 11pm Overview For this project you will implement two control application for a software defined network (SDN). A layer
More informationChapter 6: Network Layer
Chapter 6: Network Layer CCNA Routing and Switching Introduction to Networks v6.0 Chapter 6 - Sections & Objectives 6.1 Network Layer Protocols Explain how network layer protocols and services support
More informationNetwork Behavior Analysis
N E T W O R K O P E R AT I O N S. S I M P L I F I E D. FORWARD ENTERPRISE HIGHLIGHTS Forward Networks is the leader in Intent-based Networking and network assurance to automate the analysis and verification
More informationProceedings of the Fourth Engineering Students Conference at Peradeniya (ESCaPe) SDN Flow Caching
Proceedings of the Fourth Engineering Students Conference at Peradeniya (ESCaPe) 2016 SDN Flow Caching N.B.U.S. Nanayakkara, R.M.L.S. Bandara, N.B. Weerasinghe, S,N, Karunarathna Department of Computer
More informationSlicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)
Slicing a Network Advanced! Computer Networks Sherwood, R., et al., Can the Production Network Be the Testbed? Proc. of the 9 th USENIX Symposium on OSDI, 2010 Reference: [C+07] Cascado et al., Ethane:
More informationLab 1: Creating Secure Architectures (Revision)
Lab 1: Creating Secure Architectures (Revision) A Challenge Our challenge is to setup MyBank Incorp, where each of you will be allocated a network and hosts to configure and get on-line (Figure 1). For
More informationVXLAN Overview: Cisco Nexus 9000 Series Switches
White Paper VXLAN Overview: Cisco Nexus 9000 Series Switches What You Will Learn Traditional network segmentation has been provided by VLANs that are standardized under the IEEE 802.1Q group. VLANs provide
More informationFGS-2616X L2+ Managed GbE Fiber Switches
FGS-2616X L2+ Managed GbE Fiber Switches FGS-2616XD FGS-2616XA FGS-2616X Overview FGS-2616X series L2+ Managed Switch are next-generation Fiber Switch offering full suite of L2 features and additional
More informationSDN Controller Test. Network Emulator. Version 1.4. User Guide. Part Number: T / UG PKTBLASTER-SDN-CTR-EMU /1.1
SDN Controller Test Network Emulator Version 1.4 User Guide Part Number: T / UG PKTBLASTER-SDN-CTR-EMU-1.4 1115/1.1 Copyright Veryx Technologies Pvt. Ltd. All rights reserved. Veryx and PktBlaster are
More informationCCNA Exploration Network Fundamentals
CCNA Exploration 4.0 1. Network Fundamentals The goal of this course is to introduce you to fundamental networking concepts and technologies. These online course materials will assist you in developing
More informationIntroduction to lab assignments with GNS3
Politecnico di Torino TSR/CNTS, PRL, PAR Introduction to lab assignments with GNS3 User guide and helpful tips Roberto Bonafiglia, Fulvio Risso October 27, 2017 Contents 1 Requirements 4 2 Access to GNS3
More informationBLM6196 COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS
BLM6196 COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS Prof. Dr. Hasan Hüseyin BALIK (2 nd Week) 2. Protocol Architecture, TCP/IP, and Internet-Based Applications 2.Outline The Need for a Protocol Architecture
More informationOPENSTACK CLOUD RUNNING IN A VIRTUAL MACHINE. In Preferences, add 3 Host-only Ethernet Adapters with the following IP Addresses:
OPENSTACK CLOUD RUNNING IN A VIRTUAL MACHINE VirtualBox Install VirtualBox In Preferences, add 3 Host-only Ethernet Adapters with the following IP Addresses: 192.168.1.2/24 192.168.2.2/24 192.168.3.2/24
More informationIntroduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN)
Introduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN) Myungjin Lee myungjin.lee@ed.ac.uk Courtesy note: Slides from course CPS514 Spring 2013 at Duke University and
More informationJaringan Komputer (CCNA-1)
Jaringan Komputer (CCNA-1) #2 Configuring a Network Operating System Susmini I. Lestariningati, M.T Introduction (1) Home networks typically interconnect a wide variety of end devices including PCs, laptops,
More informationConfiguring a Palo Alto Firewall in AWS
Configuring a Palo Alto Firewall in AWS Version 1.0 10/19/2015 GRANT CARMICHAEL, MBA, CISSP, RHCA, ITIL For contact information visit Table of Contents The Network Design... 2 Step 1 Building the AWS network...
More informationAccelerating SDN and NFV Deployments. Malathi Malla Spirent Communications
Accelerating SDN and NFV Deployments Malathi Malla Spirent Communications 2 Traditional Networks Vertically integrated Closed, proprietary Slow innovation 3 Infinite Complexity of Testing Across virtual
More informationNetworking Version 2.0 Benchmarks
Networking Version 2.0 Benchmarks William Bryant Engineering Manager, Sun Microsystems, Inc. and Chairman, EEMBC Networking Subcommittee Rick Foos Director of Engineering, EEMBC Certification Labs (ECL),
More informationChapter 6 Global CONFIG Commands
Chapter 6 Global CONFIG Commands aaa accounting Configures RADIUS or TACACS+ accounting for recording information about user activity and system events. When you configure accounting on an HP device, information
More informationPSGS-2610F L2+ Managed GbE PoE Switch
PSGS-2610F L2+ Managed GbE PoE Switch Overview PSGS-2610F L2+ Managed PoE+ Switch is a next-generation Ethernet Switch offering full suite of L2 features, better PoE functionality and usability, including
More information